5 legitimate tools commonly used for malicious purposes

Introduction

It should come as no surprise that there is quite a lot of malicious activity that can be accomplished with seemingly harmless tools. You could make the analogy of a workshop tool, such as a hammer, being both a creative and destructive implement depending on who wields it. The same is true of many legitimate diagnostic tools.

Not all of the applications in our list are necessarily malicious in their own right, though. Many of them simply provide information to an attacker, allowing them to either use the information inside another tool or to change the angle of their attack once they have performed some reconnaissance.

1. Angry IP Scanner

IP scanners are legitimate tools that can help users to discover devices they weren’t aware of on the network. This is especially helpful where there are newly configured devices that haven’t yet been documented, or as a troubleshooting step when trying to diagnose connectivity issues.

Angry IP Scanner is able to scan multiple broadcast domains and find out network host information such as the network name, IP address and MAC address. This is very useful with the many different IoT devices that use Ethernet and Wi-Fi to connect to modern networks.

However, these same features can also be used for malicious purposes. The most obvious one is reconnaissance work by a potential attacker. Mapping the network and the devices that are present is one of the quickest and easiest ways to find potential targets. Angry IP Scanner is able to identify targets so that other tools can be used to further the attack. Angry IP Scanner can also use fetchers to collect details about each target machine, such as TTL, open ports, filtered ports, web detect, HTTP sender, comments, NetBIOS information, MAC address, MAC vendor and even packet loss.
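One way a defender can spot the kind of host sweep described above, as an added example that is not part of the original post: count the distinct destination hosts each source contacts inside a sliding time window. The log format, addresses, window and threshold are constructed assumptions, not output from any particular product.

```python
from collections import defaultdict, deque

def parse(line):
    """Parse one constructed log line: 'epoch_seconds src_ip dst_ip dst_port'."""
    ts, src, dst, port = line.split()
    return int(ts), src, dst, int(port)

def detect_sweeps(lines, window_s=60, host_threshold=15):
    """Return {src: peak distinct destination hosts within any window_s seconds}
    for every source that reaches host_threshold."""
    recent = defaultdict(deque)  # src -> (ts, dst) events still inside the window
    flagged = {}
    for ts, src, dst, _port in sorted(map(parse, lines)):
        q = recent[src]
        q.append((ts, dst))
        # Evict events that have aged out of the window
        while q and q[0][0] <= ts - window_s:
            q.popleft()
        distinct = len({d for _, d in q})
        if distinct >= host_threshold:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

def sample_log():
    """Constructed sample traffic (hypothetical addresses)."""
    base, lines = 1700000000, []
    # Sweep-like source: 30 hosts on two ports within 30 seconds
    for i in range(1, 31):
        lines.append(f"{base + i} 10.0.0.50 10.0.0.{i} 80")
        lines.append(f"{base + i} 10.0.0.50 10.0.0.{i} 443")
    # Ordinary workstation: keeps talking to the same three servers
    for i in range(40):
        lines.append(f"{base + i * 5} 10.0.0.7 10.0.0.{2 + i % 3} 443")
    # Wide but slow source: 20 hosts, one per minute
    for i in range(20):
        lines.append(f"{base + i * 60} 10.0.0.9 10.0.1.{i + 1} 22")
    return lines

if __name__ == "__main__":
    log = sample_log()
    print("60 s window:  ", detect_sweeps(log))
    print("3600 s window:", detect_sweeps(log, window_s=3600))
```

The second call shows why the window matters: the one-host-per-minute source only crosses the threshold when the window is widened, so a short window alone misses slow sweeps.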


*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Graeme Messina. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/2s0wpVh9A0g/